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1 This action is in response to the communication filed on 4/2/2008. 

2 DETAILED ACTION 

3 Response to Arguments 

4 Applicant's arguments filed 4/2/2008 have been fully considered but they are not 

5 persuasive. 

6 Regarding applicants' argument that the relevant page numbers is not required in the 



7 citation of non-patent literature in an information disclosure statement, the examiner points the 

8 applicants to 37 CFR 1 .98 (b)(5) wherein it is stated that the among other things, each 

9 publication listed in an IDS must be identified by publisher, author (if any), title, relevant pages 

10 of the publication, date, and place of publication. As such, the examiner still holds that these 

1 1 citations are not in compliance with 37 CFR 1 .98 and as such has not considered them. See 

12 MPEP Section 609 for details about the requirements for submitting and Information Disclosure 

13 Statement. 

14 In response to applicant's argument that the references fail to show certain features of 

15 applicant's invention, it is noted that the features upon which applicant relies (i.e., not knowing 

16 beforehand the algorithm used to handle the validity check) are not recited in the rejected 

17 claim(s). Although the claims are interpreted in light of the specification, limitations from the 

1 8 specification are not read into the claims. See In re Van Geuns, 988 F.2d 1 1 8 1 , 26 

19 USPQ2d 1057 (Fed. Cir. 1993). In this case, the applicants have argued that in the teachings of 

20 Gupta, the algorithm used to handle the packet fingerprint must be known beforehand. However, 

21 there is nothing in the claim language that forbids this from being the case. As such, the 

22 examiner does not find the argument persuasive. 
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1 Regarding the applicants' argument that Gupta does not disclose that the "validity 

2 information" is in a "header" of the packet, the examiner does not find the argument persuasive. 

3 Gupta Fig. 3 shows the packet header 302 including the validity information (308, 3 10, 3 12 etc.) 

4 As such, the examiner does not find the argument persuasive. 

5 Because the examiner does not find the arguments persuasive, the examiner has 

6 maintained the rejections of the remaining pending claims under the previously relied upon prior 

7 art. 

8 The examiner further notes the applicants' usage of the language "all necessary 



9 information required for performing a validity check" in the claims and throughout the 

10 specification. In order to remain consistent with the specification, the examiner has interpreted 

1 1 the usage of this language, for the purposes of searching and applying prior art, as meaning "all 

12 necessary information required for performing a validity check without the checking entity 

13 needing to further communicate with the sending network node". This interpretation is 

14 consistent with the specification, as the specification clearly shows that the checking node does 

1 5 not require further communication with the sending node in order to perform the validity 

16 checking, but that the checking entity may need to receive additional information from 

17 somewhere (i.e. a certificate authority) in order to perform the validity checking. 



1 8 All objections and rejections not set forth below have been withdrawn. 

1 9 Claims 1-2,4-15,1 8-20, and 42-65 have been examined. 

20 Information Disclosure Statement 

21 The information disclosure statement(s) (IDS) submitted on 1 1/26/2003 are in 



22 compliance with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the 
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1 information disclosure statements. However, the examiner notes, as indicated on the signed 

2 copy, that the references listed in the IDS did not properly identify the pertinent pages of each 

3 reference, and as such were not considered. See MPEP Section 609 

4 Claim Objections 

5 Claim 5 is objected to because of the following informalities: Claim 5 depends from now 

6 cancelled claim 3. For the purposes of searching and applying prior art, the examiner will 

7 assume that claim 5 was meant to depend from claim 1 . Appropriate correction is required. 
8 

9 Claim Rejections - 35 USC § 112 

10 The following is a quotation of the second paragraph of 35 U.S.C. 112: 

1 1 The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 

12 subject matter which the applicant regards as his invention. 

13 

14 Claim 54 is rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 



15 failing to particularly point out and distinctly claim the subject matter which applicant regards as 

16 the invention. Claim 54 is recited as depending from claim 23, which has been cancelled. 

17 Because claim 23 and its parent claims have been cancelled, the examiner cannot examiner the 

18 claim in view of prior art because the claim is not complete. However, because the claim is very 

19 similar to claim 15, the applicants can see how the claim would have been rejected had it been in 

20 independent form based upon the rejection of claim 15. 
21 

22 Claim Rejections - 35 USC § 102 

23 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 

24 basis for the rejections under this section made in this Office action: 
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1 A person shall be entitled to a patent unless - 

2 (b) the invention was patented or described in a printed publication in this or a foreign 

3 country or in public use or on sale in this country, more than one year prior to the date of 

4 application for patent in the United States. 
5 

6 Claims 1-2, 5-10, 15, 18-20, 42-43, 45-49, 55-56, 58-60, and 62-65 are rejected under 35 

7 U.S.C. 102(b) as being anticipated by Gupta et al. (US Patent Number 6,389,532) hereinafter 

8 referred to as Gupta. 

9 Regarding claim 1, Gupta disclosed a method (See Gupta Fig. 1 Element 104, 108 or 



10 1 12), comprising the steps of: generating validity information for a packet (See Gupta Figs. 5-6 

1 1 and Col. 6 Paragraphs 2-4), wherein the validity information comprises all necessary information 

12 required to perform a validity check of the packet (See Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 

13 7 Paragraph 2); the validity information comprising algorithm information to be used for 

14 performing the validity check of the packet (See Gupta Fig. 3 and Col. 6 Paragraphs 3-4); 

15 generating a packet header (302), comprising the validity information (See Gupta Fig. 3 and Col. 

16 6 Paragraphs 3-4); and sending the packet including the header from a first network node to a 

17 second network node (See Gupta Col. 6 Paragraph 4). 

18 Regarding claim 18, Gupta disclosed an apparatus comprising: validity information 

19 generating means for generating validity information for a packet (See Gupta Figs. 5-6 and Col. 

20 6 Paragraphs 2-4); packet header generating means for generating a header for the packet, 

21 comprising the validity information (See Gupta Fig. 3 and Col. 6 Paragraphs 3-4); and sending 

22 means for sending the packet including the header to a receiving network node (See Gupta Col. 6 

23 Paragraph 4), wherein the validity information comprises all necessary information required for 

24 performing a validity check of the packet (See Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 7 
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1 Paragraph 2) and the validity information comprises algorithm information to be used for 

2 performing the validity check of the packet (See Gupta Col. 6 Paragraphs 3-4). 

3 Regarding claim 19, Gupta disclosed a network node (See Gupta Fig. 1 Element 104 or 

4 1 12) comprising: receiving means for receiving packets from a sending network node (See Gupta 

5 Fig. 1 Element 108) (See Gupta Fig. 7 and Col. 6 Paragraph 5); and performing means for 

6 performing a validity check of a packet by referring to validity information contained in a header 

7 of the packet (See Gupta Fig. 7 and Col. 7 Paragraph 2), wherein the validity information 

8 comprises all necessary information required for performing the validity check of the packet (See 

9 Gupta Fig. 7 and Col. 6 Paragraph 5), and the validity information comprises algorithm 

10 information to be used for performing the validity check of the packet (See Gupta Col. 6 

1 1 Paragraphs 3-4). 

12 Regarding claim 20, Gupta disclosed an apparatus (See Gupta Fig. 1 Element 104) 

13 comprising: forwarding means for forwarding packets from a sending network node to a 

14 receiving network node (See Gupta Fig. 7 and Col. 7 Paragraph 2); and performing means for 

15 performing a validity check of a packet by referring to validity information contained in a header 

16 of the packet (See Gupta Fig. 7 and Col. 7 Paragraph 2), wherein the validity information 

17 comprises all necessary information required for performing a validity check of the packet (See 

18 Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 7 Paragraph 2), and the validity information comprises 

19 algorithm information to be used for performing the validity check of the packet (See Gupta Col. 

20 6 Paragraphs 3-4). 

21 Regarding claim 42, Gupta disclosed an apparatus, comprising: a validity information 

22 generator configured to generate validity information for a packet (See Gupta Figs. 5-6 and Col. 
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1 6 Paragraphs 2-4); a packet header generator configured to generate a header for the packet, 

2 comprising the validity information (See Gupta Fig. 3 and Col. 6 Paragraphs 3-4); and a 

3 transmitter configured to send the packet including the header to a receiving network node (See 

4 Gupta Col. 6 Paragraph 4), wherein the validity information comprises all necessary information 

5 required to perform a validity check of the packet, and the validity information comprises 

6 algorithm information to be used to perform the validity check of the packet (See Gupta Fig 7 

7 and Col. 6 Paragraph 3 - Col. 7 Paragraph 2). 

8 Regarding claim 55, Gupta disclosed an apparatus, comprising: a receiver configured to 

9 receive packets from a sending network node (See Gupta Fig. 1 Element 108, Fig. 7 and Col. 6 

10 Paragraph 5); and a checker configured to perform a validity check of a packet by referring to 

1 1 validity information contained in a header of the packet (See Gupta Fig. 7 and Col. 7 Paragraph 

12 2), wherein the validity information comprises all necessary information required to perform the 

13 validity check of the packet (See Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 7 Paragraph 2), and 

14 the validity information comprises algorithm information to be used to perform the validity 

15 check of the packet (See Gupta Col. 6 Paragraphs 3-4). 

16 Regarding claim 59, Gupta disclosed an apparatus, comprising: a transmitter configured 

17 to forward packets from a sending network node to a receiving network node (See Gupta Fig. 7 

18 and Col. 6 Paragraph 5); and a checker configured to perform a validity check of a packet by 

19 referring to validity information contained in a header of the packet (See Gupta Fig. 7 and Col. 7 

20 Paragraph 2), wherein the validity information comprises all necessary information required to 

21 perform a validity check of the packet (See Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 7 
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1 Paragraph 2), and the validity information comprises algorithm information to be used to 

2 perform the validity check of the packet (See Gupta Col. 6 Paragraphs 3-4). 

3 Regarding claim 63, Gupta disclosed a method comprising: receiving packets (See Gupta 

4 Fig 7 and Col. 6 Paragraph 5 - Col. 7 Paragraph 2); and performing a validity check of a packet 

5 by referring to validity information contained in a header of the packet (See Gupta Fig. 7 and 

6 Col. 7 Paragraph 2), wherein the validity information comprises all necessary information 

7 required for performing the validity check of the packet, the validity information comprising 

8 algorithm information to be used for performing the validity check of the packet (See Gupta Fig 

9 7 and Col. 6 Paragraph 3 - Col. 7 Paragraph 2). 

10 Regarding claim 64, Gupta disclosed a method comprising: forwarding received packets 

1 1 (Gupta Col. 7 Paragraph 2); and performing means for performing a validity check of a packet 

12 by referring to validity information contained in a header of the packet (Gupta Col. 7 Paragraph 

13 2), wherein the validity information comprises all necessary information required for performing 

14 a validity check of the packet, the validity information comprising algorithm information to be 

15 used for performing the validity check of the packet (See Gupta Fig 7 and Col. 6 Paragraph 3 - 

16 Col. 7 Paragraph 2). 

17 Regarding claim 65, Gupta disclosed A system, comprising: a first generator configured 

18 to generate validity information for a packet (See Gupta Fig. 3 and Col. 6 Paragraphs 3-4); a 

19 second generator configured to generate a header for the packet , comprising the validity 

20 information (See Gupta Fig. 3 and Col. 6 Paragraphs 3-4); a transmitter configured to send the 

21 packet including the header to a receiving network node (See Gupta Fig. 3 and Col. 6 Paragraphs 

22 3-4), wherein the validity information comprises all necessary information required for 
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1 performing a validity check of the packet (See Gupta Fig. 3 and Col. 6 Paragraphs 3-4); and a 

2 checker configured to perform a validity check of a packet by referring to validity information 

3 contained in a header of the packet (Gupta Col. 7 Paragraph 2), wherein the validity information 

4 comprises all necessary information required to perform the validity check of the packet, the 

5 validity information comprising algorithm information to be used to perform the validity check 

6 of the packet (See Gupta Fig 7 and Col. 6 Paragraph 3 - Col. 7 Paragraph 2). 



7 Regarding claims 2, 43, 56 and 60, Gupta disclosed that the generating of the validity 

8 information comprises generating security information indicating security services applied to the 

9 packet (See Gupta Col. 5 Paragraph 7). 

10 Regarding claim 5, Gupta disclosed that the generating the algorithm information 

1 1 comprises generating of the algorithm information which comprises values to initialize an 

12 algorithm to be used to perform the validity check of the packet (See Gupta Col. 6 Paragraphs 3- 

13 4, the data, the key index, the signature, or the fingerprint, for example). 

14 Regarding claims 6, 45, 58, and 62, Gupta disclosed that the generating of the validity 

15 information comprises generating public key information of a sending node (See Gupta Col. 6 

16 Paragraphs 2-6, for example the public and private key pair, or the key index). 

17 Regarding claims 7, and 46 Gupta disclosed that the generating of the public key 

1 8 information comprises generating reference information related to how a public key can be 

19 obtained (See Gupta Col. 6 Paragraphs 3-4 and Col. 7 Paragraph 2). 

20 Regarding claims 8, and 47, Gupta disclosed that the generating of the reference 

2 1 information comprises generating an identity of an entity from which the public key can be 
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1 obtained (See Gupta Col. 6 Paragraphs 3-4, Col. 7 Paragraph 2, and Col. 3 Line 64 - Col. 4 Line 

2 13, wherein the index is the identity, and the entry in the table is the entity). 

3 Regarding claims 9, and 48, Gupta disclosed that the generating of the reference 

4 information comprises generating a public key identifier for the public key (See Gupta Col. 6 

5 Paragraphs 3-4 and Col. 7 Paragraph 2, the key index). 

6 Regarding claim 10, and 49, Gupta disclosed that the generating of the public key 

7 information comprises generating the public key (See Gupta Col. 6 Paragraph 2). 

8 Regarding claim 15 (and 54), Gupta disclosed signing the packet using a private key 

9 corresponding to a public key indicated by the validity information in the packet header in a 
10 sending network node (See Gupta Col. 6 Paragraph 4). 

1 1 

1 2 Claim Rejections - 35 USC §103 

13 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

14 obviousness rejections set forth in this Office action: 

15 A patent may not be obtained though the invention is not identically disclosed or 

16 described as set forth in section 102 of this title, if the differences between the subject matter 

17 sought to be patented and the prior art are such that the subject matter as a whole would have 

1 8 been obvious at the time the invention was made to a person having ordinary skill in the art to 

19 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

20 the invention was made. 
21 

22 Claims 4, 12-14, 44, 51-53, 57, and 61 are rejected under 35 U.S.C. 103(a) as being 

23 unpatentable over Gupta as applied to claims 1, 18, 19, and 20 above, and further in view of 

24 Naudus (US Patent Number 6,202,08 1). 
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1 Regarding claims 12-14, and 5 1-53, Gupta disclosed validation of packets, but failed to 

2 disclose that the step of generating the validity information comprises generating an information 

3 item for preventing replay attacks. 

4 Naudus teaches that in a packet filtering system, packets should include timestamps in 

5 order to prevent replay attacks. Naudus further teaches that "[rjeplay attacks occur when a 

6 malicious user gains access to a router or other network device on a computer network that is 

7 forwarding data packets. Legitimate data packets are intercepted and then re-sent at a later time 

8 to allow the malicious user to appear as a legitimate user. A firewall helps prevent replay attacks 

9 by checking a time-stamp in the data packet that prevents the data packets from being re-sent at a 

10 later time." (See Naudus Col. 2 Paragraph 4). 

11 It would have been obvious to the ordinary person skilled in the art at the time of 

12 invention to employ the teachings of Naudus in the packet validity checking system of Gupta by 

13 including a timestamp in each packet and verifying the timestamp at the validity checker. This 

14 would have been obvious because the ordinary person skilled in the art would have been 

15 motivated to prevent replay attacks in the network. In this combination, the inclusion of a 

16 timestamp in each packet, in itself, is an indication of a procedure to be used for anti replay 

17 attacks. 

18 Regarding claims 4, 44, 57, and 61, Gupta did not specifically teach that the step of 

19 generating the algorithm information comprises generating the algorithm information which 

20 indicates an algorithm to be used for performing the validity check of the packet. However, as 

21 taught by Naudus, in Col. 6 Line 60 - Col. 7 Line 7, it is well known to include in the packet 

22 header, an identification of which algorithm was used to sign the packet. As such, it would have 
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1 been obvious to have included this information within the packet. Furthermore, the ordinary 

2 person skilled in the art at the time of invention would have recognized that this would allow for 

3 the user of a multiplicity of signature algorithms, as well as allowing updating of the signature 

4 algorithms in the future, and therefore it would have been obvious to have included an indication 

5 of the signature algorithm in the packet. 

6 Claims 11, and 50 are rejected under 35 U.S.C. 103(a) as being unpatentable over Gupta 

7 as applied to claims 6 and 23 above, and further in view of Nikander (US Patent Number 

8 7,155,500). 

9 Gupta disclosed including public key information within the packets, but failed to 

10 specifically disclose including the public key itself within the packets or that the step of 

1 1 generating the public key information comprises generating public key verification information 

12 indicating information in order to verify that the public key actually belongs to the sending node. 

13 Gupta did disclose that the public and private key pairs can be generated and stored in a 

14 certification server (See Col. 4 Paragraph 2). 

15 Nikander teaches that by including a public key itself and the certificate of the public key, 

16 the receiving host can verify that the public key is truly owned by the sender (See Nikander Col. 

17 10 Line 50 - Col. 12 Line 9). 

18 It would have been obvious to the ordinary person skilled in the art at the time of 

19 invention to employ the teachings of Nikander in the packet verification system of Gupta by 

20 including the public key and public key certificate within each packet and verifying that the 

2 1 sender of each packet owned the public key used to sign the packet. This would have been 
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1 obvious because the ordinary person skilled in the art would have been motivated to ensure that a 

2 malicious node was not claiming to be a different node. 

3 Conclusion 

4 Claims 1 -2, 4- 1 5 , 1 8-20, and 42-65 have been rejected. 

5 THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 

6 policy as set forth in 37 CFR 1 .136(a). 

7 A shortened statutory period for reply to this final action is set to expire THREE 



8 MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 

9 MONTHS of the mailing date of this final action and the advisory action is not mailed until after 

10 the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 

1 1 will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

12 CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 

13 however, will the statutory period for reply expire later than SIX MONTHS from the mailing 

14 date of this final action. 



15 The prior art made of record and not relied upon is considered pertinent to applicant's 

16 disclosure. 

17 Any inquiry concerning this communication or earlier communications from the 

1 8 examiner should be directed to MATTHEW T. HENNING whose telephone number is 

19 (571)272-3790. The examiner can normally be reached on M-F 8-4. 

20 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

21 supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 

22 organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 



2 Application Information Retrieval (PAIR) system. Status information for published applications 

3 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

4 applications is available through Private PAIR only. For more information about the PAIR 

5 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

6 system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 

7 like assistance from a USPTO Customer Service Representative or access to the automated 

8 information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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